5 matches found
Use of Incorrectly-Resolved Name or Reference
Overview starlette is a The little ASGI library that shines. Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in the reconstruction of request.url when the HTTP request path does not begin with /. An attacker can mislead the application into trusti...
Out-of-bounds Read
Overview pillow-heif is a Python interface for libheif library Affected versions of this package are vulnerable to Out-of-bounds Read via the CtxWriteImageaddplane function. An attacker can cause information disclosure or process crashes by supplying large image dimensions that bypass buffer boun...
Open Redirect
Overview googlesignin is a Sign in or up with Google for Rails applications Affected versions of this package are vulnerable to Open Redirect via the ensuresameorigin function in the redirectprotector.rb file. An attacker can cause users to be redirected to an attacker-controlled origin by...
Linux Distros Unpatched Vulnerability : CVE-2024-56138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an integer overflow in the makeRoom function. An attacker can achieve arbitrary code execution by supplying a crafted input that triggers the buffer overflow. Remediation Upgrade libavif to version...